1. Field of the Invention
The present invention relates to document management processing of a document management apparatus which communicates with a server device controlling access right, and controls a document processing request requested from a client device.
2. Description of the Related Art
Document management systems which include storage devices storing document information, and perform document search and document registration processing from a client device via a network have been realized.
With a document management system, access right as to each of documents is set for each user, and when accessing a document, the access right of a user as to the document is determined, whereby operations of the user are allowed or denied based on the determination result. Examples of the access right mentioned here include a reference right, a reading right, a writing right, and a deletion right.
Also, a set of one or more combinations of a user and an access right is referred to as a policy, and there is a technique for reducing complications associated with setting an access right by applying a policy to a document.
Also, there is a technique for listing the documents of multiple document servers as well as the access rights thereof (e.g., Japanese Patent Laid-Open No. 2005-085113).
Japanese Patent Laid-Open No. 2005-085113 discloses listing the search results crossing multiple document servers as well as the access rights thereof. Additionally, Japanese Patent Laid-Open No. 2005-085113 refers to a search program for confirming the access right of a document included in the search results by inquiring of a document server managing the document thereof.
The access right management using a document management system is only valid as to the documents within the document management system, and a technique such as the following is employed regarding the documents outside the document management system.
That is to say, this is a technique wherein a document is encrypted, authentication is performed when accessing the document to confirm the access right thereof, following which the document is decoded.
Such authentication or authorization (access right management) is frequently performed as to a dedicated server outside of the document management system. The access right management at this dedicated server is frequently performed employing the above described policy, so such a dedicated server is referred to as a policy management server below.
The system realizing the access right management employing such a policy management server is referred to as a Rights Management System (RMS). A document of which the access right is managed with RMS can be stored in the document management system.
However, with existing document management systems (including a document management system made up of multiple servers described in Japanese Patent Laid-Open No. 2005-085113), the documents of which access rights are managed with the RMS are encrypted. Therefore, full-text search information has not been able to be obtained.
Also, regardless of full-text search or attribute search, the search results are presented to a user without determining the access right as to a document included in the search results.
Therefore, it is difficult for the user to readily confirm the documents that he/she can access, so it is necessary for the user to confirm his/her access right by accessing each of documents, and inquiring of a policy management server whether or not the user can access the document, which is poor in convenience.
Also, in the event of presenting the result of full-text search to the user, though only the key words employed for search, a user is informed about the contents of a document which should be kept in secret by access restriction to begin with, which causes a problem even from the perspective of security.